CVE-2021-24368
N/A
N/A
Summary
The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin WordPress plugin before 7.1.18 did not sanitise or escape its result_id parameter when displaying an existing quiz result page, leading to a reflected Cross-Site Scripting issue. This could allow for privilege escalation by inducing a logged in admin to open a malicious link
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ExpressTech | Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress | 7.1.18 < 7.1.18 | affected |
Weaknesses
- CWE-79: CWE-79 Cross-site Scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.